Cyber security is a prominent theme for us because the world of the internet and technology is ever-changing; combined, and in the wrong hands, the dangers businesses face are endless.
So, we’ve compiled this list of top tips for you to mark your cyber security management against. We know 25 sounds a lot, but we’ve kept it concise; consider it a tick list and a great tool to share with your staff to help them understand the precautions that can be taken at ground level.
Be aware of social media content and make sure you’re adhering to any NDAs, contracts and agreements you may have signed with clients.
Understand what data your business is collecting from social media or any online forms, and make sure it’s protected effectively.
Multiple authentication methods are growing ever more popular; consider implementing them where applicable in your business. They’re Free!!!
Consider having an SSL/TLS certificate installed on your servers to ensure your website is secure.
Devise a re-usable formula for passwords, e.g. numbers representing letters, to ensure passwords are strong but still possible for you to remember.
Out of date software is a weak link in your cyber security – ensure updates are always activated and occurring on a regular basis.
Be confident in your back-up systems and always have good retention; viruses can lie dormant.
Be sure you have a good Firewall that monitors both incoming and outgoing data.
Implement a Bring Your Own Device policy for staff to familiarise themselves with – having team members work from their own mobile devices can increase productivity but can, in turn, increase risk.
Implement an Incident Response Strategy that makes it easy for your business to respond as fast as possible in the event of a cyber attack and minimise damage caused.
Organise password training for staff. It may receive the odd eye-roll but coming up with some original tips on how to set a good password will gain their interest – take the first letter of each word from the first line in your favourite song, for example.
Be sure staff are aware of the importance of surfing only HTTPS websites and that they understand the signs to look out for from an unsecured site.
Consider email security and how you communicate confidential information within your business, preferably using encrypted emails for financial or sensitive information.
Lead the way for your staff and demonstrate your own commitment to a cyber secure culture – attend the training, read the policies, change your habits, and your team will follow suit.
Conduct phishing drills to check your team’s understanding following cyber security training.
Carry out insider threat evaluations, especially during periods of staff turnover.
Identify an Incident Response Team to support your IT Manager in the event of an attack. Not only will this aid a faster response by having all-hands-on-deck, but it will also help emphasise that cyber security is a team responsibility within the business, regardless of department. If you outsource your IT, ask them what their response policy is, should you have an attack.
Ensure you have Quick Response Guidelines written and accessible to enable anyone to react to the first sign of a cyber attack – even if step one of the guide is to contact your IT support manager or provider.
Have a plan in place for external communication of a breach as per GDPR requirements.
Learn from any mistakes by ensuring a complete assessment and de-brief to all staff takes place following a breach.
Remember, you are never 100% secure – no one is.
Invest in cyber insurance – your standard insurance will not cover you for any losses. However, you will need to show you have been diligent and be able to demonstrate adequate anti-virus, firewalls and patch management.
Ensuring every component of your IT infrastructure has a strong identity will speed up the process of getting back online following an attack.
Manage the flow of data throughout your company – know how it moves and where it’s moving to. With many businesses having strong automated systems in place, it can be easy to lose track.
Leverage the Cloud and the tools it has to offer – including back-up services.
You might say, Jupiter IT are on a mission
At Jupiter IT, we’re committed to raising awareness of cyber crime, its motivation and its impact. We hold the prestigious Cyber Essentials Plus certification; we are experts in this standard and can help you become Cyber Essentials accredited too. Read more about the benefits of being Cyber Essentials certified and how we can help you get there.
Offering cyber security in Hull, Scunthorpe, Grimsby and the surrounding areas, we provide free, content-rich, cyber security training for all our clients. To find out more, drop us a line – we’re waiting to share our expertise with you.